DDG leaking which sites you've visited

Forum Moderators: bakedjake

Message Too Old, No Replies

DDG leaking which sites you've visited

brotherhood of LAN

8:00 am on Jul 2, 2020 (gmt 0)

[news.ycombinator.com...]
[github.com...]

Basically to save themselves the hassle of figuring out where a favicon is located for a domain within their browser, they contact their own servers which is leaking info on all the domains you've visited to "back home"

not2easy

1:48 pm on Jul 2, 2020 (gmt 0)

If they are to stay in the running, it seems they need to make some adjustments to their setup - in more ways. There was a recent discussion about the difficulties of even whitelisting their (AWS) IPs: [webmasterworld.com...]

brotherhood of LAN

2:02 pm on Jul 2, 2020 (gmt 0)

Those IPs shouldn't affect the 'indexability' of your site on DDG, as it's the Bing crawler that's doing the indexing. DDG bot checks favicons and 404 checks some URLs that are in their instant answers.

brotherhood of LAN

2:21 pm on Jul 2, 2020 (gmt 0)

It is now patched, so using their app will no longer call DDG servers asking for favicons for domains you're looking at.

engine

3:09 pm on Jul 2, 2020 (gmt 0)

Glad to know it's been patched. Clearly, an error, and not malicious by DDG.
It just goes to show how important it is to be on-the-ball all the time.